Researchers with Google's Project Zero security team say they've found three flaws with high severity that have yet to be patched.
A security audit earlier this year showed gaps in the way the movie studio monitored its computer systems, according to a Recode report.
The company said previously that the vast majority of Macs were "safe by default" from the new security vulnerability known as the Bash or Shellshock bug.
The fingerprint reader on the iPhone 6 can be fooled by the same trick that unlocks the iPhone 5S -- but it didn't have to be that way.
Apple and Google working on fixes for the decade-old flaw, which researchers blamed on an abandoned US policy on encryption.
Yes, it seems US and UK spy agencies tried to snoop on people's smartphones, the company says. But privacy and security harm to users is limited by Gemalto's own network security and newer encryption used on modern networks.
The cyberattack may be linked to software found preloaded on the PC maker's laptops that left them vulnerable to malware.
By not properly vetting the Superfish adware, Lenovo became the most recent unwitting example of broken links in the software supply chain.
The Android version of the messaging app no longer sends images and videos without encryption protection, and an iOS fix has been submitted, the company says.
The flaw, which is being leveraged in "limited, targeted attacks," allows remote code execution, Microsoft warns.